IMO that's b/c there's no fine-grained way to grant privs. capget()/capset() only since Linux 2.2 & nonportable
-
-
-
Caps are just as bad, false sense of security @ cost of major complexity. Most yield root-like power easily.
-
I'll agree 2/3rds of them being far too powerful but it mostly pisses me off that I need root to bind SOCK_RAW.
-
Recent Linux has SOCK_DGRAM ICMP support. Does that help?
-
Otherwise, a persistent tun/tap device with right chmod can be used to let users generate raw packets.
-
presumably after level 2 bridging to your eth device?
-
Or routing, depending on your needs.
End of conversation
New conversation -
-
-
I'd mostly avoid it entirely, do the little bit needed with ssh root@localhost & forced-command in auth keys file
-
Unlike suid, ssh root@localhost does not let you control environ (vars, rlimits, inherited fds, etc) of root proc
-
suid is essentially an unbounded attack surface.
-
Tweet unavailable
-
Pubkey auth and a key with no passphrase is equivalent (permission-wise) to unix domain socket, no?
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.